2fbb4d951507393872ae4c2b81454f1b41b5a5ef95443f78b10e2d869e3a504a | Triage

Submit
Reports

Overview

overview

7

Static

static

1

aimp_5.30....64.exe

windows10-1703-x64

7

aimp_5.30....64.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

Target

aimp_5.30.2563_w64.exe
Size

18.2MB
Sample

240902-qgnz1s1bpp
MD5

9ac82d15c18c9ad12b70e21e6492d160
SHA1

f510b32ebe211ffde8d7e17937120dee62fabc7f
SHA256

2fbb4d951507393872ae4c2b81454f1b41b5a5ef95443f78b10e2d869e3a504a
SHA512

8dcbf68a29273b89d8d11009dc95679cd0a20d729c050b395f6ad87706a0cf6eeeac4e71be6ae4a7bd73e3643c12c25ab428483b66885d199e849b5602b7c698
SSDEEP

393216:JwpS+CnzSSxctsCwF5Aqb3tDaB98tJhcLgQtIh:SpSvnz55na7ssXtIh

Score

7^/10

discovery persistence privilege_escalation

Static task

static1

Behavioral task

behavioral1

Sample

aimp_5.30.2563_w64.exe

Resource

win10-20240404-en

discovery persistence privilege_escalation

windows10-1703-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

aimp_5.30.2563_w64.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  aimp_5.30.2563_w64.exe
- Size
  
  18.2MB
- MD5
  
  9ac82d15c18c9ad12b70e21e6492d160
- SHA1
  
  f510b32ebe211ffde8d7e17937120dee62fabc7f
- SHA256
  
  2fbb4d951507393872ae4c2b81454f1b41b5a5ef95443f78b10e2d869e3a504a
- SHA512
  
  8dcbf68a29273b89d8d11009dc95679cd0a20d729c050b395f6ad87706a0cf6eeeac4e71be6ae4a7bd73e3643c12c25ab428483b66885d199e849b5602b7c698
- SSDEEP
  
  393216:JwpS+CnzSSxctsCwF5Aqb3tDaB98tJhcLgQtIh:SpSvnz55na7ssXtIh
Score

7^/10

discovery persistence privilege_escalation
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

© 2018-2025

Terms | Privacy